susceptible
Automatic Firewall 0.3.2
Automatic Firewall is a script that will automatically configure a firewall. If you are a broadband or dial-up user who doesn't have a firewall script, you need one to protect yourself. AutoFW is made to do that for you with no effort.
Many people who connect to the internet need a firewall script written for them so they can use the net without being susceptible to various attacks. Most, if not all (until now :-), of the existing scripts are written for a large range of requirements and require some tweaking to make them work for a specific user, and many users do not know which parameters to fill in the script's config file.
AutoFW intends to provide a simple firewall script that you just fire and forget. Run it at system start-up or just before connecting to the net, and it will detect the network conditions and set up appropriate firewall rules for you.
In order to be "smart", AutoFW has to be limited in scope: it currently targets standard broadband connections, and also covers dial-up users and stand-alone servers.
AutoFW works only with the Linux iptables firewall and needs the iptables utility to update the rules; it also needs the ifconfig utility. Both are available on any standard GNU/Linux install.
AutoFW also needs the ip program, which is part of the iproute2 package (sometimes called iproute). It is available as a package for any standard GNU/Linux distribution, but it might not be installed on your particular system.
There are two parts that do automatic detection: one for interfaces and IPs, the other for open listening ports.
The interface part looks at all the active interfaces on the machine and classifies each as internal or external. It does that by looking at the IPv4 address of the device. If the address is in one of:
127.0.0.0/8
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
it is considered an internal IP, and thus an internal interface; otherwise it is an external IP and thus an external interface. Note that any address outside these four ranges, including a 169.254.0.0/16 link-local or a 100.64.0.0/10 carrier-grade NAT address, is therefore treated as external, and there is no handling of an interface with both an internal and an external IP on it.
The listening ports are scanned for known ports and the known program name that binds to each; known ports are opened later in the configuration stage.
The configuration itself is very simple for now, without many of the bells and whistles that exist in other scripts, but it works for basic needs and provides adequate protection.
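As an added illustration (not code from AutoFW itself, whose script is not reproduced on this page), the following Python sketch applies the two detection steps described above to constructed samples of `ip -4 -o addr` and `ss -lntp` output and turns the result into iptables commands. The rule layout, the known-service table and the parsing of those tool outputs are assumptions made for the example; only the four address ranges come from the description.

```python
import ipaddress
import re

# The four ranges the description lists as "internal".
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Known port -> program expected to own it (assumed table for the example).
KNOWN_SERVICES = {22: "sshd", 80: "apache2", 443: "apache2"}

# Constructed sample of `ip -4 -o addr` output; not captured from a real host.
SAMPLE_IP_ADDR = """\
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 203.0.113.7/24 brd 203.0.113.255 scope global eth0
3: eth1    inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1
4: eth2    inet 169.254.10.20/16 brd 169.254.255.255 scope link eth2
"""

# Constructed sample of `ss -lntp` output.
SAMPLE_LISTENERS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("apache2",pid=901,fd=4))
LISTEN 0 128 0.0.0.0:6667 0.0.0.0:* users:(("evilbot",pid=999,fd=5))
"""

_ADDR_RE = re.compile(r"^\d+:\s+(\S+)\s+inet\s+(\S+)")
_LISTEN_RE = re.compile(r'LISTEN\s+\d+\s+\d+\s+\S+:(\d+)\s+\S+\s+users:\(\("([^"]+)"')


def classify_interfaces(ip_addr_output):
    """Return {iface: "internal" | "external"} using the address-only heuristic."""
    result = {}
    for line in ip_addr_output.splitlines():
        m = _ADDR_RE.match(line)
        if not m:
            continue
        iface, cidr = m.group(1), m.group(2)
        addr = ipaddress.ip_interface(cidr).ip
        kind = "internal" if any(addr in net for net in INTERNAL_NETS) else "external"
        # An interface with several addresses keeps its first classification;
        # the description says the mixed internal/external case is not handled.
        result.setdefault(iface, kind)
    return result


def open_ports(listener_output):
    """Ports to open: a known port counts only if the expected program is bound to it."""
    ports = set()
    for m in _LISTEN_RE.finditer(listener_output):
        port, prog = int(m.group(1)), m.group(2)
        if KNOWN_SERVICES.get(port) == prog:
            ports.add(port)
    return sorted(ports)


def build_rules(interfaces, ports):
    """iptables commands: default-drop inbound, trust internal interfaces,
    open the detected known ports on external ones."""
    rules = [
        "iptables -P INPUT DROP",
        "iptables -P FORWARD DROP",
        "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT",
    ]
    for iface, kind in sorted(interfaces.items()):
        if kind == "internal":
            rules.append(f"iptables -A INPUT -i {iface} -j ACCEPT")
    for iface, kind in sorted(interfaces.items()):
        if kind == "external":
            for port in ports:
                rules.append(f"iptables -A INPUT -i {iface} -p tcp --dport {port} -j ACCEPT")
    return rules


if __name__ == "__main__":
    ifaces = classify_interfaces(SAMPLE_IP_ADDR)
    for rule in build_rules(ifaces, open_ports(SAMPLE_LISTENERS)):
        print(rule)
```

The 169.254.10.20 link-local address in the sample ends up classified as external, which is exactly what the address-only heuristic implies; the listener on 6667 stays closed because the program bound to it is not the one the known-service table expects for that port.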
Enhancements:
- Internal systems are now protected, as well as servers and NAT gateways.
Download (0.020MB)
Added: 2006-07-30 License: GPL (GNU General Public License) Price:
1182 downloads
TrollBridge 0.6.0
TrollBridge is a set of scripts that allows you to build a custom network authentication system that captures unauthorized clients, directs them to a login page, and then redirects them to their original destination. It is based on the firewall script from NoCatSplash, but is written in Python instead of C.
It can be used to set up a network hot-spot for your business, school or home. The only authorization methods currently available are a skeleton username/password example and an example using iButton devices. When an unknown MAC address tries to make a connection through the protected network, the iptables rules redirect any access (web or otherwise) to port 5280, where the Apache server displays the authentication page. MAC addresses are used to keep track of authorized users, so the system is susceptible to MAC spoofing: a client that forges the MAC address of an already authorized user inherits that user's access without logging in.
The scripts are not plug and play: you will need to customize them for your situation, modify your iptables settings, and add a virtual host to the Apache web server. If you need help, you can ask on the TrollBridge support list.
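The following is an added Python example, not TrollBridge's own code, of the rule pattern the description implies: unknown MACs on the hot-spot interface get their TCP connections redirected to port 5280, everything else from them is dropped, and a successful login inserts per-MAC exceptions. The chain name `TROLL_AUTH`, the interface `eth1`, the `/proc/net/arp` lookup (how the portal maps the HTTP client's IP to a MAC) and the constructed ARP snapshot are assumptions of the example. Because the MAC ends up interpolated into an iptables command line, the example validates its format before building the command.

```python
import re

PORTAL_PORT = 5280           # from the description
LAN_IFACE = "eth1"           # assumed hot-spot interface
AUTH_CHAIN = "TROLL_AUTH"    # assumed nat-table chain holding per-MAC exceptions
MAC_RE = re.compile(r"^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")

# Constructed /proc/net/arp snapshot. Flags 0x2 (ATF_COM) marks a complete entry;
# the 0x0 entry is unresolved and its all-zero MAC must not be trusted.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.5.20     0x1         0x2         00:11:22:33:44:55     *        eth1
192.168.5.21     0x1         0x0         00:00:00:00:00:00     *        eth1
"""


def base_rules():
    """Initial rule set: unauthorized clients have TCP redirected to the portal
    and all other forwarded traffic dropped. ACCEPT inside the nat chain ends
    nat processing, so authorized MACs skip the REDIRECT."""
    return [
        f"iptables -t nat -N {AUTH_CHAIN}",
        f"iptables -t nat -A PREROUTING -i {LAN_IFACE} -j {AUTH_CHAIN}",
        f"iptables -t nat -A PREROUTING -i {LAN_IFACE} -p tcp -j REDIRECT --to-ports {PORTAL_PORT}",
        f"iptables -A INPUT -i {LAN_IFACE} -p tcp --dport {PORTAL_PORT} -j ACCEPT",
        f"iptables -A FORWARD -i {LAN_IFACE} -j DROP",
    ]


def is_valid_mac(mac):
    """Strict colon-separated MAC syntax; anything else is rejected before it
    reaches a shell command."""
    return bool(MAC_RE.match(mac or ""))


def lookup_mac(proc_net_arp, client_ip):
    """Map the IP that hit the portal to its MAC; incomplete entries are ignored."""
    for line in proc_net_arp.splitlines()[1:]:
        fields = line.split()
        if len(fields) >= 4 and fields[0] == client_ip and fields[2] == "0x2":
            return fields[3]
    return None


def authorize(mac):
    """Commands run after a successful login: exempt the MAC from the redirect
    and let its traffic through FORWARD ahead of the DROP."""
    if not is_valid_mac(mac):
        raise ValueError(f"refusing to build an iptables command from malformed MAC {mac!r}")
    return [
        f"iptables -t nat -I {AUTH_CHAIN} -m mac --mac-source {mac} -j ACCEPT",
        f"iptables -I FORWARD -i {LAN_IFACE} -m mac --mac-source {mac} -j ACCEPT",
    ]


def deauthorize(mac):
    """Remove the same two rules (logout or session expiry)."""
    return [rule.replace(" -I ", " -D ") for rule in authorize(mac)]


if __name__ == "__main__":
    for rule in base_rules():
        print(rule)
    mac = lookup_mac(SAMPLE_ARP, "192.168.5.20")
    for rule in authorize(mac):
        print(rule)
```

Nothing in these rules stops a client from cloning the MAC of an already authorized user, which is the spoofing weakness the description acknowledges; binding the exception to both MAC and source IP (`-s`) and expiring it after an idle timeout narrows the window but does not close it.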
Download (0.019MB)
Added: 2006-07-01 License: GPL (GNU General Public License) Price:
1210 downloads
Secure back door 0.5
Secure Back Door (SBD) is a tool that provides minimal, tightly restricted access to a computer: it lets you run a single command based on a one-time key. It is useful if you don't want an SSH server running all the time and only want to start it when needed. Because it has only a few lines of code, it is hoped that it will be less susceptible to security exploits than a program like SSH.
The protocol is detailed to an extent in the text file PROTOCOL; I will update it with more details as I have time, but the most important details are included already.
If you are a cryptanalyst, or just like a challenge, I would appreciate anyone who is willing to look through the protocol and/or code and point out possible security implications and flaws in the design!
Enhancements:
- Fixed a few minor compiler warnings
- Updated license year to 2005
- Uncommented execution code in sbdd, so now sbdd will execute incoming commands
- Updated README documentation for compilation
Download (0.025MB)
Added: 2006-07-12 License: GPL (GNU General Public License) Price:
1200 downloads
CAD::Drawing::IO::PgDB 0.03
CAD::Drawing::IO::PgDB is a Perl module with PostgreSQL save / load methods.
This module is considered pre-ALPHA and under-documented. Its use is strongly discouraged except under experimental conditions. Particularly susceptible to change is the table structure of the database, which currently does not even have an auto-create method.
Requisite Plug-in Functions
See CAD::Drawing::IO for a description of the plug-in architecture.
check_type
Returns true if $type is "circ" or $filename is a directory containing a ".circ" file.
$fact = check_type($filename, $type);
Back-End Input and output methods
The functions load() and save() are responsible for determining the file type (a type can be forced via $opt->{type}). These then call the appropriate load<thing> or save<thing> functions.
load
Loads a CAD::Drawing object from an SQL database. $spec should be of the form required by the database driver.
$opts->{auth} = ["username", "password"] may be required to create a connection.
$drw->load($spec, $opts);
save
$drw->save($spec, $opts);
cleardb
Deletes the drawing and all of its entities from the database.
$drw->cleardb();
Internals
parse_options
Allows options to come in through the $spec or %opts.
%options = parse_options($spec, %opts);
sort_addr
Sorts through @addr_list and returns a hash of array references for each entity type.
%these = sort_addr($layer, @addr_list);
Download (0.008MB)
Added: 2007-03-17 License: GPL (GNU General Public License) Price:
952 downloads
TCP Knocking 0.1
TCP Knocking provides a port knocking implementation.
Often a secure system needs a port open so that only authorized persons can access a particular service, while the service should not be exposed to attackers and worms that may use vulnerabilities in the listening server. Port knocking is designed to be used as a complement to the existing authentication mechanism. But one of the biggest problems with port knocking is manipulating the firewall with timeouts.
When the correct knock sequence is sent, the firewall is modified for a couple of seconds. Having the firewall open automatically for a period of time will make any system administrator uncomfortable. TCP knocking attempts to solve the problem by incorporating the knock into the TCP handshake itself. TCP knocking is similar to port knocking, but instead of sending UDP packets to secret ports, the TCP handshake packets must carry secret codes. It is at least as secure as port knocking and can be made more secure with further hardening.
Modified TCP handshake:
In a normal TCP handshake, the client sends the SYN packet and chooses a random initial sequence number. The server responds with a packet that has both SYN and ACK flags set, choosing a random
The modified TCP handshake uses the empty fields in the header. The server does not respond to a connection request unless a special code is sent along with the SYN packet. The server also encrypts its ISN in the SYN/ACK packet (2), and the final packet of the three-way handshake must carry the correct acknowledgment for the server's ISN. The system is further protected from brute-force attacks by closing the connection if the first attempt at the third packet does not have the expected acknowledgment number.
Also, rather than a conventional keyed-hash technique like HMAC for verification, this system uses a file of random numbers as the key, because the limited unused space in the TCP/IP header would leave room for only a short, truncated HMAC. With a shared file, the key can be much longer than in traditional systems, and even if some parts of the key are revealed by attacks, the server can protect itself from replay attacks.
The handshake:
1) Syn
The SYN packet does not use the 32-bit acknowledgment field in the TCP header, as it is the first packet of the connection. The 16-bit IPID can also be used to transmit information. In the current implementation only the 32-bit acknowledgment field is used. Currently that 32-bit value is derived from a 64 KB file containing random numbers: the ISN and the source IP address, together with the random numbers, are used to generate it.
2) Syn/Ack
The ISN is encrypted using the random numbers from the 64 KB file, the destination IP address and a 16-bit random number sent as the IPID. I do not have code for this part yet.
3) Ack
The client recovers the server's ISN from the encrypted value, the key file, the 16-bit IPID and its own IP address, and sends the ACK packet. The server closes all connections from the client for a couple of minutes if it sends a wrong ack value. Part of the security relies on the fact that the ISN generated by Linux 2.6 is fairly random.
Implementation:
I have implemented only the first part, which is the server expecting a secret code along with the first SYN packet from the client. Hence it is very possible to brute-force the server. The system is also designed with the second phase in mind, which is the encrypted initial sequence number in the SYN/ACK packet and closing the connection if the correct ack is not sent on the first try. I do not have an implementation for that yet. Security will be increased greatly when the second phase is incorporated. The ability to detect brute-force attacks can also be added to this system.
But the current system can be used to protect the server from worms and random scanning. The use case is similar to port knocking, but it does not use the ugly system of opening the firewall for a couple of seconds. Vanilla port knocking is susceptible to brute-force attacks as well. Besides, inserting a kernel module just to SSH into your server will increase your mad sysadmin points.
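The three-message exchange described above, as an added Python model of both sides (example code, not the TCP Knocking kernel module; there are no raw sockets, the packets are plain dicts). The description does not give the exact derivation of the 32-bit SYN code or of the ISN encryption, so the key-word indexing and XOR mixing here, the 120-second block time and the constructed 64 KB key are assumptions of the example. Phase 2 (the masked server ISN and the one-strike block) follows the design as described on the page, which the project itself had not implemented.

```python
import ipaddress
import random
import struct

KEY_SIZE = 64 * 1024        # the 64 KB key file from the description
BLOCK_SECONDS = 120         # "a couple of minutes" (assumed value)
MASK32 = 0xFFFFFFFF


def make_key(seed=1234):
    """Constructed stand-in for the 64 KB random key file (a real one comes from /dev/urandom)."""
    return bytes(random.Random(seed).getrandbits(8) for _ in range(KEY_SIZE))


def _ip_int(ip):
    return int(ipaddress.IPv4Address(ip))


def key_word(key, index):
    """32-bit word of the key selected by an arbitrary integer index."""
    off = (index % (len(key) // 4)) * 4
    return struct.unpack("!I", key[off:off + 4])[0]


def syn_code(key, isn, src_ip):
    """Phase 1: value the client puts in the SYN's otherwise unused 32-bit ack field.
    Assumed derivation; the page only says ISN, source IP and key bytes are combined."""
    ip = _ip_int(src_ip)
    return (key_word(key, isn ^ ip) ^ isn ^ ip) & MASK32


def mask_isn(key, isn, client_ip, ipid):
    """Phase 2: XOR the server ISN with a key word chosen by the client's IP and the
    16-bit IPID. XOR is its own inverse, so the client decrypts by calling this again."""
    return (isn ^ key_word(key, (_ip_int(client_ip) << 16) | ipid)) & MASK32


class KnockServer:
    """Server side of the modified handshake."""

    def __init__(self, key, rng):
        self.key = key
        self.rng = rng            # injected so the exchange is reproducible
        self.pending = {}         # (src_ip, src_port) -> server ISN awaiting its Ack
        self.blocked = {}         # src_ip -> time until which its SYNs are ignored

    def on_syn(self, src_ip, src_port, isn, ack_field, now=0):
        if self.blocked.get(src_ip, -1) > now:
            return None
        if ack_field != syn_code(self.key, isn, src_ip):
            return None           # silently dropped: a scanner sees a filtered port
        server_isn = self.rng.getrandbits(32)
        ipid = self.rng.getrandbits(16)
        self.pending[(src_ip, src_port)] = server_isn
        return {"flags": "SA", "seq": mask_isn(self.key, server_isn, src_ip, ipid),
                "ack": (isn + 1) & MASK32, "ipid": ipid}

    def on_ack(self, src_ip, src_port, ack_field, now=0):
        server_isn = self.pending.pop((src_ip, src_port), None)
        if server_isn is None:
            return False
        if ack_field != ((server_isn + 1) & MASK32):
            self.blocked[src_ip] = now + BLOCK_SECONDS   # one wrong guess, then silence
            return False
        return True               # handshake complete; the real service takes over


def new_server(key, seed=7):
    return KnockServer(key, random.Random(seed))


def client_handshake(key, server, client_ip, src_port=40000, isn=0x12345678, now=0):
    """Client side: SYN carrying the knock code, unmask the SYN/ACK, send the expected Ack."""
    synack = server.on_syn(client_ip, src_port, isn, syn_code(key, isn, client_ip), now)
    if synack is None:
        return False
    server_isn = mask_isn(key, synack["seq"], client_ip, synack["ipid"])
    return server.on_ack(client_ip, src_port, (server_isn + 1) & MASK32, now)


if __name__ == "__main__":
    key = make_key()
    srv = new_server(key)
    print("knocking client accepted:", client_handshake(key, srv, "198.51.100.9"))
    print("plain SYN answered:", srv.on_syn("198.51.100.66", 1234, 99, 0) is not None)
```

Because the SYN code is one key word XORed with values a sniffer also sees, an on-path observer of a single handshake learns that key word for that ISN and source pair, which is the partial key disclosure the description concedes. What the observer cannot do is replay the SYN usefully: the third packet must answer a freshly masked ISN keyed by a different part of the file, and one wrong guess blocks the source.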
Enhancements:
- TCP knocking with Phase 1 of the protocol was implemented.
Download (0.005MB)
Added: 2006-12-06 License: GPL (GNU General Public License) Price:
1054 downloads